Skip to content

Commit

Permalink
Undo .env file
Browse files Browse the repository at this point in the history 
switch to JSONResponse instead of HTTPException
  • Loading branch information
@jonaraphael
jonaraphael committed Oct 18, 2023
1 parent 933a607 commit e736a85
Show file tree
Hide file tree
Showing 4 changed files with 72 additions and 41 deletions.
3 changes: 0 additions & 3 deletions Dockerfiles/Dockerfile.cloud_run_tipg
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,9 +9,6 @@ ENV APP_HOME /app
WORKDIR $APP_HOME
COPY cerulean_cloud/ /app/cerulean_cloud/

# Copy .env file
COPY cerulean_cloud/cloud_run_tipg/.env.tipg /app/.env

# Install production dependencies.
RUN pip install -r cerulean_cloud/cloud_run_tipg/requirements.txt

Expand Down
21 changes: 0 additions & 21 deletions cerulean_cloud/cloud_run_tipg/.env.tipg
View file

This file was deleted.

30 changes: 13 additions & 17 deletions cerulean_cloud/cloud_run_tipg/handler.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,8 @@
import asyncpg
import jinja2
import pydantic
from fastapi import FastAPI, HTTPException
from fastapi import FastAPI
from fastapi.responses import JSONResponse
from mangum import Mangum
from starlette.middleware.base import BaseHTTPMiddleware
from starlette.middleware.cors import CORSMiddleware
Expand Down Expand Up @@ -101,26 +102,21 @@ async def dispatch(self, request: Request, call_next):
Returns:
Response: The outgoing FastAPI response object.
"""

print(
"XXX os.environ.get(SECRET_API_KEY)",
os.environ.get("SECRET_API_KEY", "NO SECRET KEY FOUND!!!"),
)
print("XXX request", request)
print("XXX request.headers.get('X-API-Key')", request.headers.get("X-API-Key"))
table = extract_table_from_request(request)
print("XXX table", table)
excluded_collections = get_env_list("TIPG_DB_EXCLUDE_TABLES") + get_env_list(
"TIPG_DB_EXCLUDE_FUNCTIONS"
)
print("XXX excluded_collections", excluded_collections)
excluded_collections = get_env_list("RESTRICTED_COLLECTIONS")
if table in excluded_collections:
print("XXX table in excluded_collections", table)
print(f"XXX {table} is in excluded_collections")
api_key = request.headers.get("X-API-Key")
if api_key != os.environ.get("SECRET_API_KEY", "XXX_SECRET_API_KEY"):
raise HTTPException(
status_code=403, detail="Access to table restricted"
if api_key != os.environ.get("SECRET_API_KEY"):
print(f"XXX {api_key} is invalid")
return JSONResponse(
status_code=403,
content={
"message": f"Access to {table} is restricted.",
"request_key": api_key,
},
)
print(f"XXX {api_key} is VALID")
response = await call_next(request)
return response

Expand Down
59 changes: 59 additions & 0 deletions stack/cloud_run_tipg.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,65 @@
name="DATABASE_URL",
value=sql_instance_url,
),
gcp.cloudrun.ServiceTemplateSpecContainerEnvArgs(
name="TIPG_NAME", value="Cerulean OGC API"
),
*[
gcp.cloudrun.ServiceTemplateSpecContainerEnvArgs(
name=f"TIPG_TABLE_CONFIG__public_{geom_table}__GEOMCOL",
value="geometry",
)
for geom_table in [
"sentinel1_grd",
"orchestrator_run",
"slick",
"aoi",
"slick_plus",
"source_infra",
"slick_to_source",
]
],
*[
gcp.cloudrun.ServiceTemplateSpecContainerEnvArgs(
name=f"TIPG_TABLE_CONFIG__public_{datetime_table}__DATETIMECOL",
value="update_time",
)
for datetime_table in [
"layer",
"model",
"subscription",
"magic_link",
"aoi_type",
]
],
gcp.cloudrun.ServiceTemplateSpecContainerEnvArgs(
name="TIPG_TABLE_CONFIG__public_sentinel1_grd__DATETIMECOL",
value="start_time",
),
gcp.cloudrun.ServiceTemplateSpecContainerEnvArgs(
name="TIPG_TABLE_CONFIG__public_orchestrator_run__DATETIMECOL",
value="inference_start_time",
),
gcp.cloudrun.ServiceTemplateSpecContainerEnvArgs(
name="TIPG_TABLE_CONFIG__public_slick__DATETIMECOL",
value="slick_timestamp",
),
gcp.cloudrun.ServiceTemplateSpecContainerEnvArgs(
name="TIPG_TABLE_CONFIG__public_slick_plus__DATETIMECOL",
value="slick_timestamp",
),
gcp.cloudrun.ServiceTemplateSpecContainerEnvArgs(
name="TIPG_MAX_FEATURES_PER_QUERY",
value=50000,
),
gcp.cloudrun.ServiceTemplateSpecContainerEnvArgs(
name="RESTRICTED_COLLECTIONS",
value='["public.aoi_user","public.filter", "public.frequency", "public.magic_link", "public.subscription", "public.user", "public.slick_to_source", "public.source", "public.source_infra", "public.source_type", "public.source_vessel", "public.get_slicks_by_source", "public.get_slicks_by_aoi_or_source"]',
),
gcp.cloudrun.ServiceTemplateSpecContainerEnvArgs(
name="SECRET_API_KEY",
value=pulumi.Config("cerulean-cloud").require("apikey"),
),
],
resources=dict(limits=dict(memory="8Gi", cpu="6000m")),
),
Expand Down

0 comments on commit e736a85

Please sign in to comment.